Sergey "Shnatsel" Davidoff·Nov 5, 2025The state of SIMD in Rust in 2025If you’re already familiar with SIMD, the table is all you need. And if you’re not, you will understand the table by the end of the…A response icon2A response icon2
Sergey "Shnatsel" Davidoff·Mar 5, 2025I am stepping back from maintaining ‘cargo audit’TL;DR: I will no longer be actively working on cargo audit and the RustSec security advisory database. I will continue working on my other…
Sergey "Shnatsel" Davidoff·Mar 3, 2025Do not run any Cargo commands on untrusted projectsTL;DR: Treat anything starting with cargo as if it is cargo run.A response icon2A response icon2
Sergey "Shnatsel" Davidoff·Jan 17, 2023How to avoid bounds checks in Rust (without unsafe!)Featuring optimizer tricks, iterators and The Minimum Possible Bounds CheckA response icon5A response icon5
Sergey "Shnatsel" Davidoff·May 30, 2021The simpler alternative to GCC-RSYou really don’t need to rewrite the Rust compiler in C++ to get the benefits of GCC!A response icon1A response icon1
Sergey "Shnatsel" Davidoff·Jan 16, 2020Smoke-testing Rust HTTP clientsBack in 2014 I was fetching frontpages of the top million websites to scan them for a particular vulnerability. Not only have I found…A response icon4A response icon4
Sergey "Shnatsel" Davidoff·Jan 18, 2019Security as Rust 2019 goalThe goals and 2019 roadmap of Rust Secure Code Working GroupA response icon1A response icon1
Sergey "Shnatsel" Davidoff·Sep 28, 2018How I’ve found vulnerability in a popular Rust crate (and you can too)I have recently discovered a zero-day vulnerability in a fairly popular and well-designed Rust crate. In this article I’m going to discuss…A response icon1A response icon1
Sergey "Shnatsel" Davidoff·Aug 18, 2018How Rust’s standard library was vulnerable for years and nobody noticedRust is a new systems programming language that prides itself on memory safety and speed. The gist of it is that if you write code in Rust…A response icon13A response icon13
Sergey "Shnatsel" Davidoff·Jul 19, 2018Auditing popular Rust crates: how a one-line unsafe has nearly ruined everythingFollowing the actix-web incident (which is fixed now, at least mostly) I decided to poke other popular Rust libraries and see what comes of…
